敗' OR 1=1 -- is a fine username.
At Hacker News, turdnagel writes about one astonishing example of incompetence.
My favorite dumb password experience involves EZPass, a system for paying tolls without cash, in New York.
I signed up for EZPass using a relatively “long” password (20 chars). I then received a letter in the mail about a toll I had to pay, even though I’d had the EZPass at the time. But, the letter said, I could pay the toll by logging in to their site and using my EZpass credentials. Didn’t use OAuth but I figured it would be OK. I input my username and password using my password manager but it didn’t work. Pretty strange, as I was able to log in to the “main” EZpass site using those same credentials. I tried logging in on the payment site again to no avail. Finally I realized that my password was being truncated by the password input field itself.
The solution was to inspect the page and change the maxlen attribute of the password field.
There are sites that block password managers! One site has you send three characters of your old password when picking a new one. American Express is apparently still on 8-character case-insensitive alphanumeric passwords, which at this point suggests you might go to a public library to read about the security defects of its systems, in printed books written by people who have been dead for decades.
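An added example, not part of the original post or the quoted comment: a small Python audit that flags password fields carrying a `maxlength` cap (the HTML attribute that produces the kind of truncation described above), `autocomplete="off"`, or an `onpaste` handler. The two sample pages, the 16-character cap and the 64-character threshold are constructed assumptions.

```python
from html.parser import HTMLParser

# Constructed sample markup (not from any real site): two login forms for the
# same account system that disagree about how long a password may be.
SAMPLE_MAIN = '<form><input type="password" name="pw" autocomplete="current-password"></form>'
SAMPLE_PAYMENT = ('<form><input type="password" name="pw" maxlength="16" '
                  'autocomplete="off" onpaste="return false"></form>')
MIN_OK_MAXLENGTH = 64  # assumption: local policy threshold, not from the page


class PasswordFieldAudit(HTMLParser):
    """Collect (field name, finding) pairs for every <input type="password">."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag != "input" or a.get("type", "").lower() != "password":
            return
        name = a.get("name", "?")
        if a.get("maxlength", "").isdigit() and int(a["maxlength"]) < MIN_OK_MAXLENGTH:
            self.findings.append((name, f"maxlength={a['maxlength']}: longer input is cut short"))
        if a.get("autocomplete", "").lower() == "off":
            self.findings.append((name, "autocomplete=off: discourages password managers"))
        if "onpaste" in a:
            self.findings.append((name, "onpaste handler: may block pasting"))


def audit(html):
    """Return the list of findings for one page of HTML."""
    parser = PasswordFieldAudit()
    parser.feed(html)
    return parser.findings


def truncated(password, maxlength):
    """Model what reaches the server when the field caps input at maxlength."""
    return password[:maxlength]


if __name__ == "__main__":
    for label, page in (("main", SAMPLE_MAIN), ("payment", SAMPLE_PAYMENT)):
        print(label, audit(page))
```

Running the audit over every form that accepts the same credentials surfaces the mismatch: a password accepted in full on one page and cut short on another will never compare equal.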